[Zope] GUF: Generic User Folder

Evan Gibson egibson@connect.com.au
Thu, 16 Mar 2000 09:59:14 +1100 

On Wed, Mar 15, 2000 at 02:23:43PM -0500, Pavlos Christoforou wrote:
> I have not touched the authentication machinery yet so I must rely on
> other Zopistas efforts. There is a LoginManager which is part of the PTK.
> Seems to be well thought out, and it seems to provide a very general and
> broad solution to the authentication problem, but I have no idea whether
> or how it works.

The Login Manager looks good because, unlike GUF and UserDb, it allowed
me to use the admin/supervisor password to authenticate straight away 
and so didn't lock me out of the directory.
I actually gave up on GUF because I _couldn't_ get it to let me in in
the first place to set up my db methods. The password that is supposed
to be built in didn't work at all, neither did the supervisor one.

To me this is the biggest problem with the other existing systems, that
they lock you out of your site and there is little you can do about it.
(In UserDb I had to comment out parts of the security code to get it
to let me in and set it up properly. After it was set up it worked fine
and I could put the code back.)

> Another useful add on is for GUF to ship  a complete example of its usage
> based on standard Zope objects (Folders etc). Maybe as an exported
> folder that the user can optionally import. 

All authentication stuff from a database is going to require the
person to customise their own sql we can't make custom authentication
methods any easier than that, but in the simplest case this should
be _all_ they have to do. The supervisor password should _always_ work
in any authentication method from the beginning and it should be made
clear that people are going to have to authenticate using that particular
password until they have the rest of their site set up.

Anyway, the LoginManager looks very clean. It already doesn't have a
lot of the old problems and I like the abstraction. Now I just have to
finish getting DCOracle working (annoying truncated .so files...).

-- 
  Evan ~ThunderFoot~ Gibson    ~ nihil mutatem, omni deletum ~
      May the machines watch over you with loving grace.